LDAPv2TestCase.java revision ea1068c292e9b341af6d6b563cd8988a96be20a9
5046N/A/*
5046N/A * CDDL HEADER START
5046N/A *
5046N/A * The contents of this file are subject to the terms of the
5046N/A * Common Development and Distribution License, Version 1.0 only
5046N/A * (the "License"). You may not use this file except in compliance
5046N/A * with the License.
5046N/A *
5046N/A * You can obtain a copy of the license at legal-notices/CDDLv1_0.txt
5046N/A * or http://forgerock.org/license/CDDLv1.0.html.
5046N/A * See the License for the specific language governing permissions
5046N/A * and limitations under the License.
5046N/A *
5046N/A * When distributing Covered Code, include this CDDL HEADER in each
5046N/A * file and include the License file at legal-notices/CDDLv1_0.txt.
5046N/A * If applicable, add the following below this CDDL HEADER, with the
5046N/A * fields enclosed by brackets "[]" replaced with your own identifying
5046N/A * information:
5046N/A * Portions Copyright [yyyy] [name of copyright owner]
5046N/A *
5046N/A * CDDL HEADER END
5046N/A *
5046N/A *
5046N/A * Copyright 2006-2008 Sun Microsystems, Inc.
5046N/A * Portions Copyright 2010-2015 ForgeRock AS.
5046N/A */
5046N/Apackage org.opends.server.protocols.ldap ;
5046N/A
5046N/Aimport java.net.Socket;
5046N/Aimport java.util.ArrayList;
5046N/A
5046N/Aimport org.forgerock.opendj.ldap.ByteString;
5046N/Aimport org.forgerock.opendj.ldap.ModificationType;
5046N/Aimport org.forgerock.opendj.ldap.SearchScope;
5046N/Aimport org.opends.server.TestCaseUtils;
5046N/Aimport org.opends.server.tools.LDAPWriter;
5046N/Aimport org.opends.server.types.Control;
5046N/Aimport org.forgerock.opendj.ldap.DereferenceAliasesPolicy;
5046N/Aimport org.opends.server.types.RawAttribute;
5046N/Aimport org.opends.server.types.RawModification;
5046N/Aimport org.opends.server.util.StaticUtils;
5046N/Aimport org.testng.annotations.BeforeClass;
5046N/Aimport org.testng.annotations.Test;
5046N/A
5046N/Aimport static org.opends.server.util.ServerConstants.*;
5046N/Aimport static org.testng.Assert.*;
5046N/A
5046N/A/**
5046N/A * This class provides a number of tests to ensure that the server interacts
5046N/A * with LDAPv2 clients as expected.
5046N/A */
5046N/Apublic class LDAPv2TestCase
5046N/A extends LdapTestCase
5046N/A{
5046N/A /**
5046N/A * Ensure that the Directory Server is running.
5046N/A *
5046N/A * @throws Exception If an unexpected problem occurs.
5046N/A */
5046N/A @BeforeClass
5046N/A public void startServer()
5046N/A throws Exception
5046N/A {
5046N/A TestCaseUtils.startServer();
5046N/A TestCaseUtils.initializeTestBackend(true);
5046N/A }
5046N/A
5046N/A
5046N/A
5046N/A /**
5046N/A * Tests to ensure that the server will reject an LDAPv2 bind request if
5046N/A * configured to do so.
5046N/A *
5046N/A * @throws Exception If an unexpected problem occurs.
5046N/A */
5046N/A @Test
5046N/A public void testRejectBindRequest()
5046N/A throws Exception
5046N/A {
5046N/A TestCaseUtils.applyModifications(true,
5046N/A "dn: cn=LDAP Connection Handler,cn=Connection Handlers,cn=config",
5046N/A "changetype: modify",
5046N/A "replace: ds-cfg-allow-ldap-v2",
5046N/A "ds-cfg-allow-ldap-v2: false");
5046N/A
5046N/A Socket s = new Socket("127.0.0.1", TestCaseUtils.getServerLdapPort());
5046N/A org.opends.server.tools.LDAPReader r = new org.opends.server.tools.LDAPReader(s);
5046N/A LDAPWriter w = new LDAPWriter(s);
5046N/A
5046N/A try
5046N/A {
5046N/A BindRequestProtocolOp bindRequest =
5046N/A new BindRequestProtocolOp(
5046N/A ByteString.valueOf("cn=Directory Manager"), 2,
5046N/A ByteString.valueOf("password"));
5046N/A LDAPMessage message = new LDAPMessage(1, bindRequest);
5046N/A w.writeMessage(message);
5046N/A
5046N/A message = r.readMessage();
5046N/A BindResponseProtocolOp bindResponse = message.getBindResponseProtocolOp();
5046N/A assertEquals(bindResponse.getResultCode(),
5046N/A LDAPResultCode.PROTOCOL_ERROR);
5046N/A }
5046N/A finally
5046N/A {
5046N/A TestCaseUtils.applyModifications(true,
5046N/A "dn: cn=LDAP Connection Handler,cn=Connection Handlers,cn=config",
5046N/A "changetype: modify",
5046N/A "replace: ds-cfg-allow-ldap-v2",
5046N/A "ds-cfg-allow-ldap-v2: true");
5046N/A
5046N/A StaticUtils.close(r, w);
5046N/A StaticUtils.close(s);
5046N/A }
5046N/A }
5046N/A
5046N/A
5046N/A
5046N/A /**
5046N/A * Tests to ensure that the server will reject an extended request from an
5046N/A * LDAPv2 client.
5046N/A *
5046N/A * @throws Exception If an unexpected problem occurs.
5046N/A */
5046N/A @Test
5046N/A public void testRejectExtendedRequest()
5046N/A throws Exception
5046N/A {
5046N/A Socket s = new Socket("127.0.0.1", TestCaseUtils.getServerLdapPort());
5046N/A org.opends.server.tools.LDAPReader r = new org.opends.server.tools.LDAPReader(s);
5046N/A LDAPWriter w = new LDAPWriter(s);
5046N/A
5046N/A try
5046N/A {
5046N/A BindRequestProtocolOp bindRequest =
5046N/A new BindRequestProtocolOp(
5046N/A ByteString.valueOf("cn=Directory Manager"), 2,
5046N/A ByteString.valueOf("password"));
5046N/A LDAPMessage message = new LDAPMessage(1, bindRequest);
5046N/A w.writeMessage(message);
5046N/A
5046N/A message = r.readMessage();
5046N/A BindResponseProtocolOp bindResponse = message.getBindResponseProtocolOp();
5046N/A assertEquals(bindResponse.getResultCode(), 0);
5046N/A
5046N/A ExtendedRequestProtocolOp extendedRequest =
5046N/A new ExtendedRequestProtocolOp(OID_START_TLS_REQUEST);
5046N/A message = new LDAPMessage(2, extendedRequest);
5046N/A w.writeMessage(message);
5046N/A
5046N/A assertNull(r.readMessage());
5046N/A }
5046N/A finally
5046N/A {
5046N/A StaticUtils.close(r, w);
5046N/A StaticUtils.close(s);
5046N/A }
5046N/A }
5046N/A
5046N/A
5046N/A
5046N/A /**
5046N/A * Tests to ensure that the server will reject an LDAPv2 add request if it
5046N/A * contains any controls.
5046N/A *
5046N/A * @throws Exception If an unexpected problem occurs.
5046N/A */
5046N/A @Test
5046N/A public void testRejectAddControls()
5046N/A throws Exception
5046N/A {
5046N/A Socket s = new Socket("127.0.0.1", TestCaseUtils.getServerLdapPort());
5046N/A org.opends.server.tools.LDAPReader r = new org.opends.server.tools.LDAPReader(s);
5046N/A LDAPWriter w = new LDAPWriter(s);
5046N/A
5046N/A try
5046N/A {
5046N/A BindRequestProtocolOp bindRequest =
5046N/A new BindRequestProtocolOp(
5046N/A ByteString.valueOf("cn=Directory Manager"), 2,
5046N/A ByteString.valueOf("password"));
5046N/A LDAPMessage message = new LDAPMessage(1, bindRequest);
5046N/A w.writeMessage(message);
5046N/A
5046N/A message = r.readMessage();
5046N/A BindResponseProtocolOp bindResponse = message.getBindResponseProtocolOp();
5046N/A assertEquals(bindResponse.getResultCode(), 0);
5046N/A
5046N/A ArrayList<RawAttribute> addAttrs = new ArrayList<RawAttribute>();
5046N/A addAttrs.add(RawAttribute.create("objectClass", "organizationalUnit"));
5046N/A addAttrs.add(RawAttribute.create("ou", "People"));
5046N/A
5046N/A AddRequestProtocolOp addRequest =
5046N/A new AddRequestProtocolOp(ByteString.valueOf("ou=People,o=test"),
5046N/A addAttrs);
5046N/A ArrayList<Control> controls = new ArrayList<Control>(1);
5046N/A controls.add(new LDAPControl(OID_MANAGE_DSAIT_CONTROL, true));
5046N/A message = new LDAPMessage(2, addRequest, controls);
5046N/A w.writeMessage(message);
5046N/A
5046N/A message = r.readMessage();
5046N/A AddResponseProtocolOp addResponse = message.getAddResponseProtocolOp();
5046N/A assertEquals(addResponse.getResultCode(), LDAPResultCode.PROTOCOL_ERROR);
5046N/A }
5046N/A finally
5046N/A {
5046N/A StaticUtils.close(r, w);
5046N/A StaticUtils.close(s);
5046N/A }
5046N/A }
5046N/A
5046N/A
5046N/A
5046N/A /**
5046N/A * Tests to ensure that the server will reject an LDAPv2 bind request if it
5046N/A * contains any controls and LDAPv2 binds are allowed.
5046N/A *
5046N/A * @throws Exception If an unexpected problem occurs.
5046N/A */
5046N/A @Test
5046N/A public void testRejectBindControls()
5046N/A throws Exception
5046N/A {
5046N/A Socket s = new Socket("127.0.0.1", TestCaseUtils.getServerLdapPort());
5046N/A org.opends.server.tools.LDAPReader r = new org.opends.server.tools.LDAPReader(s);
5046N/A LDAPWriter w = new LDAPWriter(s);
5046N/A
5046N/A try
5046N/A {
5046N/A BindRequestProtocolOp bindRequest =
5046N/A new BindRequestProtocolOp(
5046N/A ByteString.valueOf("cn=Directory Manager"), 2,
5046N/A ByteString.valueOf("password"));
5046N/A ArrayList<Control> controls = new ArrayList<Control>(1);
5046N/A controls.add(new LDAPControl(OID_MANAGE_DSAIT_CONTROL, true));
5046N/A LDAPMessage message = new LDAPMessage(1, bindRequest, controls);
5046N/A w.writeMessage(message);
5046N/A
5046N/A message = r.readMessage();
5046N/A BindResponseProtocolOp bindResponse = message.getBindResponseProtocolOp();
5046N/A assertEquals(bindResponse.getResultCode(), LDAPResultCode.PROTOCOL_ERROR);
5046N/A }
5046N/A finally
5046N/A {
5046N/A StaticUtils.close(r, w);
5046N/A StaticUtils.close(s);
5046N/A }
5046N/A }
5046N/A
5046N/A
5046N/A
5046N/A /**
5046N/A * Tests to ensure that the server will reject an LDAPv2 compare request if it
5046N/A * contains any controls.
5046N/A *
5046N/A * @throws Exception If an unexpected problem occurs.
5046N/A */
5046N/A @Test
5046N/A public void testRejectCompareControls()
5046N/A throws Exception
5046N/A {
5046N/A Socket s = new Socket("127.0.0.1", TestCaseUtils.getServerLdapPort());
5046N/A org.opends.server.tools.LDAPReader r = new org.opends.server.tools.LDAPReader(s);
5046N/A LDAPWriter w = new LDAPWriter(s);
5046N/A
5046N/A try
5046N/A {
5046N/A BindRequestProtocolOp bindRequest =
5046N/A new BindRequestProtocolOp(
5046N/A ByteString.valueOf("cn=Directory Manager"), 2,
5046N/A ByteString.valueOf("password"));
5046N/A LDAPMessage message = new LDAPMessage(1, bindRequest);
5046N/A w.writeMessage(message);
5046N/A
5046N/A message = r.readMessage();
5046N/A BindResponseProtocolOp bindResponse = message.getBindResponseProtocolOp();
5046N/A assertEquals(bindResponse.getResultCode(), 0);
CompareRequestProtocolOp compareRequest =
new CompareRequestProtocolOp(ByteString.valueOf("o=test"),
"o", ByteString.valueOf("test"));
ArrayList<Control> controls = new ArrayList<Control>(1);
controls.add(new LDAPControl(OID_MANAGE_DSAIT_CONTROL, true));
message = new LDAPMessage(2, compareRequest, controls);
w.writeMessage(message);
message = r.readMessage();
CompareResponseProtocolOp compareResponse =
message.getCompareResponseProtocolOp();
assertEquals(compareResponse.getResultCode(),
LDAPResultCode.PROTOCOL_ERROR);
}
finally
{
StaticUtils.close(r, w);
StaticUtils.close(s);
}
}
/**
* Tests to ensure that the server will reject an LDAPv2 delete request if it
* contains any controls.
*
* @throws Exception If an unexpected problem occurs.
*/
@Test
public void testRejectDeleteControls()
throws Exception
{
Socket s = new Socket("127.0.0.1", TestCaseUtils.getServerLdapPort());
org.opends.server.tools.LDAPReader r = new org.opends.server.tools.LDAPReader(s);
LDAPWriter w = new LDAPWriter(s);
try
{
BindRequestProtocolOp bindRequest =
new BindRequestProtocolOp(
ByteString.valueOf("cn=Directory Manager"), 2,
ByteString.valueOf("password"));
LDAPMessage message = new LDAPMessage(1, bindRequest);
w.writeMessage(message);
message = r.readMessage();
BindResponseProtocolOp bindResponse = message.getBindResponseProtocolOp();
assertEquals(bindResponse.getResultCode(), 0);
DeleteRequestProtocolOp deleteRequest =
new DeleteRequestProtocolOp(ByteString.valueOf("o=test"));
ArrayList<Control> controls = new ArrayList<Control>(1);
controls.add(new LDAPControl(OID_MANAGE_DSAIT_CONTROL, true));
message = new LDAPMessage(2, deleteRequest, controls);
w.writeMessage(message);
message = r.readMessage();
DeleteResponseProtocolOp deleteResponse =
message.getDeleteResponseProtocolOp();
assertEquals(deleteResponse.getResultCode(),
LDAPResultCode.PROTOCOL_ERROR);
}
finally
{
StaticUtils.close(r, w);
StaticUtils.close(s);
}
}
/**
* Tests to ensure that the server will reject an LDAPv2 modify request if it
* contains any controls.
*
* @throws Exception If an unexpected problem occurs.
*/
@Test
public void testRejectModifyControls()
throws Exception
{
Socket s = new Socket("127.0.0.1", TestCaseUtils.getServerLdapPort());
org.opends.server.tools.LDAPReader r = new org.opends.server.tools.LDAPReader(s);
LDAPWriter w = new LDAPWriter(s);
try
{
BindRequestProtocolOp bindRequest =
new BindRequestProtocolOp(
ByteString.valueOf("cn=Directory Manager"), 2,
ByteString.valueOf("password"));
LDAPMessage message = new LDAPMessage(1, bindRequest);
w.writeMessage(message);
message = r.readMessage();
BindResponseProtocolOp bindResponse = message.getBindResponseProtocolOp();
assertEquals(bindResponse.getResultCode(), 0);
ArrayList<RawModification> mods = new ArrayList<RawModification>();
mods.add(RawModification.create(ModificationType.REPLACE,
"description", "foo"));
ModifyRequestProtocolOp modifyRequest =
new ModifyRequestProtocolOp(ByteString.valueOf("o=test"), mods);
ArrayList<Control> controls = new ArrayList<Control>(1);
controls.add(new LDAPControl(OID_MANAGE_DSAIT_CONTROL, true));
message = new LDAPMessage(2, modifyRequest, controls);
w.writeMessage(message);
message = r.readMessage();
ModifyResponseProtocolOp modifyResponse =
message.getModifyResponseProtocolOp();
assertEquals(modifyResponse.getResultCode(),
LDAPResultCode.PROTOCOL_ERROR);
}
finally
{
StaticUtils.close(r, w);
StaticUtils.close(s);
}
}
/**
* Tests to ensure that the server will reject an LDAPv2 modify DN request if
* it contains any controls.
*
* @throws Exception If an unexpected problem occurs.
*/
@Test
public void testRejectModifyDNControls()
throws Exception
{
Socket s = new Socket("127.0.0.1", TestCaseUtils.getServerLdapPort());
org.opends.server.tools.LDAPReader r = new org.opends.server.tools.LDAPReader(s);
LDAPWriter w = new LDAPWriter(s);
try
{
BindRequestProtocolOp bindRequest =
new BindRequestProtocolOp(
ByteString.valueOf("cn=Directory Manager"), 2,
ByteString.valueOf("password"));
LDAPMessage message = new LDAPMessage(1, bindRequest);
w.writeMessage(message);
message = r.readMessage();
BindResponseProtocolOp bindResponse = message.getBindResponseProtocolOp();
assertEquals(bindResponse.getResultCode(), 0);
ModifyDNRequestProtocolOp modifyDNRequest =
new ModifyDNRequestProtocolOp(ByteString.valueOf("o=test"),
ByteString.valueOf("cn=test"), false);
ArrayList<Control> controls = new ArrayList<Control>(1);
controls.add(new LDAPControl(OID_MANAGE_DSAIT_CONTROL, true));
message = new LDAPMessage(2, modifyDNRequest, controls);
w.writeMessage(message);
message = r.readMessage();
ModifyDNResponseProtocolOp modifyDNResponse =
message.getModifyDNResponseProtocolOp();
assertEquals(modifyDNResponse.getResultCode(),
LDAPResultCode.PROTOCOL_ERROR);
}
finally
{
StaticUtils.close(r, w);
StaticUtils.close(s);
}
}
/**
* Tests to ensure that the server will reject an LDAPv2 search request if it
* contains any controls.
*
* @throws Exception If an unexpected problem occurs.
*/
@Test
public void testRejectSearchControls()
throws Exception
{
Socket s = new Socket("127.0.0.1", TestCaseUtils.getServerLdapPort());
org.opends.server.tools.LDAPReader r = new org.opends.server.tools.LDAPReader(s);
LDAPWriter w = new LDAPWriter(s);
try
{
BindRequestProtocolOp bindRequest =
new BindRequestProtocolOp(
ByteString.valueOf("cn=Directory Manager"), 2,
ByteString.valueOf("password"));
LDAPMessage message = new LDAPMessage(1, bindRequest);
w.writeMessage(message);
message = r.readMessage();
BindResponseProtocolOp bindResponse = message.getBindResponseProtocolOp();
assertEquals(bindResponse.getResultCode(), 0);
SearchRequestProtocolOp searchRequest =
new SearchRequestProtocolOp(ByteString.empty(),
SearchScope.BASE_OBJECT,
DereferenceAliasesPolicy.NEVER, 0, 0, false,
LDAPFilter.objectClassPresent(), null);
ArrayList<Control> controls = new ArrayList<Control>(1);
controls.add(new LDAPControl(OID_MANAGE_DSAIT_CONTROL, true));
message = new LDAPMessage(2, searchRequest, controls);
w.writeMessage(message);
message = r.readMessage();
SearchResultDoneProtocolOp searchDone =
message.getSearchResultDoneProtocolOp();
assertEquals(searchDone.getResultCode(), LDAPResultCode.PROTOCOL_ERROR);
}
finally
{
StaticUtils.close(r, w);
StaticUtils.close(s);
}
}
}